[Buildroot] [PATCH] package/vsftpd: fix build with libressl

Arnout Vandecappelle arnout at mind.be
Tue Aug 17 20:55:19 UTC 2021



On 15/08/2021 15:52, Francois Perrad wrote:
> Fixes the following error:
> ssl.c: In function 'ssl_init':
> ssl.c:98:18: error: 'SSL_OP_NO_TLSv1_3' undeclared (first use in this function); did you mean 'SSL_OP_NO_TLSv1_1'?
> 
> in ssl.h (libressl), the definition of SSL_OP_NO_TLSv1_3 is under the condition LIBRESSL_HAS_TLS1_3 or LIBRESSL_INTERNAL
> 
> with libopenssl, this definition is unconditional
> 
> this issue appears with vsftpd 3.0.4
> 
> Signed-off-by: Francois Perrad <francois.perrad at gadz.org>
> ---
>  package/vsftpd/vsftpd.mk | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/package/vsftpd/vsftpd.mk b/package/vsftpd/vsftpd.mk
> index 8daf07c62..e36ba299c 100644
> --- a/package/vsftpd/vsftpd.mk
> +++ b/package/vsftpd/vsftpd.mk
> @@ -41,7 +41,7 @@ VSFTPD_LIBS += -lpam
>  endif
>  
>  define VSFTPD_BUILD_CMDS
> -	$(TARGET_MAKE_ENV) $(MAKE) CC="$(TARGET_CC)" CFLAGS="$(TARGET_CFLAGS)" \
> +	$(TARGET_MAKE_ENV) $(MAKE) CC="$(TARGET_CC)" CFLAGS="$(TARGET_CFLAGS) -DLIBRESSL_HAS_TLS1_3" \

 I don't think this is how the libressl feature flags are supposed to be used. I
think you're supposed to patch opensslfeatures.h before building libressl.
AFAIU, the flags are indented to tell client applications which features are
available in the library, so vsftpd could do something like

#ifdef LIBRESSL_HAS_TLS1_3
... do something with SSL_OP_NO_TLSv1_3
#endif

 So I think a better solution would be to patch libressl to enable the two
feature flags (TLS1_3 and DTLS1_2).

 But I could be wrong, of course.

 Regards,
 Arnout


>  		LDFLAGS="$(TARGET_LDFLAGS)" LIBS="$(VSFTPD_LIBS)" -C $(@D)
>  endef
>  
> 


More information about the buildroot mailing list